Looking for your account? Log in

Privacy PolicyOur measures to keep your data safe and secure

Last updated: april 10, 2018

Any further updates to this privacy policy will be posted here.

Introduction

ChurchApp Ltd. is committed to the protection of the privacy of all our customers. Your privacy is really important to us and we understand how important it is to you. Our aim is to be as clear and open as possible about what we do with your personal data and why we do it.

Definitions we use in this privacy notice

  • The Service” means our ChurchSuite software, which is accessed online through a web browser, or by using our mobile applications (Apps).
  • you”, “your Organisation” means your church, charity or other type of organisation that, as our customer, has requested to trial Church Suite or has opened a ChurchSuite account and is granted access to The Service’s admin-facing platform. In this relationship between us, your Organisation should be considered the Data Subject (our customer) as defined within the context of the GDPR and UK data protection law.
  • us”, “we” and “our” refer to ChurchApp Ltd. In the relationship between us, ChurchApp Ltd should be considered the Data Controller (the Service Provider) as defined within the context of the General Data Protection Regulation (GDPR) and UK data protection law. This means we decide how your personal data is processed and for what purposes.

How do we use your information?

When using our website, the personal information we collect might include your IP address, what pages you may have visited on our website and when you accessed them (as part of our log files). This information, in conjunction with our use of cookies to record information about your online preferences, helps us to tailor the website to your interests. (Full details on our use of cookies can be found in our Cookie Policy).

When you first sign up for a trial of The Service, you are required to provide basic contact information (about your Organisation, and about yourself as the organisation’s account contact) to enable us to create your trial account to access The Service. The contact details you provide are used solely to communicate with you throughout your trial experience. At the end of the trial period, if you wish to continue to access The Service on a paid subscription basis, those same contact details are retained.

Within the administrator section of The Service you are able to update the account, billing and data protection contact details for your organisation at any time; for example, if the account contact person changes within your organisation.

We comply with our obligations under the GDPR by keeping personal data up to date; by storing and destroying it securely; by not collecting or retaining excessive amounts of data; by protecting personal data from loss, misuse, unauthorised access and disclosure and by ensuring that appropriate technical measures are in place to protect personal data.

In the interests of transparency and to be as clear as possible, we’ve set out the specific information we may collect about you when you sign up for a ChurchSuite account, how we keep your information confidential and secure, and how you can access your information if you need to at the end of this privacy policy.

What is our lawful basis for using your information?

We have various scenarios under which we may use your information, and for each have identified a lawful basis, as described below:

  • Contract applies:
    • If you have subscribed to use The Service (see our related Terms of Service), processing is necessary to perform and manage the contract.
  • Legitimate interest applies:
    • Where the contract between us has ended – either because you have closed your trial of ChurchSuite or you have cancelled your subscription to The Service. We will opt you out of all communication and not contact you after the contract has ended; unless you contact us or have requested we contact you at a later date. However, we will retain your contract contact details for internal statistical and reporting purposes.
    • Where you sign-up for a training event and we communicate with you about that event, both before the event, and in follow up after the event.
    • Where you have engaged with us at an exhibition or marketing event, or you have approached us independently for information about The Service. We will only use your contact details to respond to your enquiry.
    • Where we need to communicate with you about: -
      • A technical issue or bug within The Service that affects you,
      • Any security-related matter,
      • New features and functionality added to The Service, or changes to existing,
      • Training events we are running designed to help train your users and maximise your organisation’s use of The Service.
    • For good governance and accounting, for market research, analysis and developing statistics.
  • Legal obligation applies:
    • When you exercise your rights under data protection law and related disclosures.
    • For maintaining and reporting financial accounting information for up to 6 years from the end of the tax year in which a financial transaction was processed. Financial information may be for The Service, and for training.
  • Consent applies:
    • Where you have voluntarily subscribed to Church Suite’s emailing list and explicitly consented to receiving our emails. You can unsubscribe from this list at any time using the unsubscribe link in the footer of those periodic emails.
    • Where you have explicitly consented for us to publish a “Review” that your have written about The Service on our website. Your name, organisation name and website are included in the review, along with a profile image you have supplied us. You may withdraw your consent at any time and we will remove your review from our website. We’ll remove your review if you cancel your subscription.

Sharing your information

The information we hold about you will be treated as strictly confidential and we will only share your data with third parties with your prior consent, or unless required to do so by law.

How secure is your information?

We take security very seriously and will do everything within our power to keep your information safe. Full details on the steps we have taken to manage your data securely can be found on our security page.

How long do we keep your information?

We keep data in accordance with the guidance set out by the GDPR. We endeavour to maintain only data that is relevant, accurate and up to date. You are responsible for keeping account contact, billing contact and data protection contact details up to date (managed in the Administrator section of the Service). We have internal processes to periodically review the data we hold and delete data that is no longer relevant to our purpose for processing.

Your rights and your information

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data: -

  • Access to your information: You have the right to request a copy of the personal information about you that we hold. 
  • Correcting your information: We want to make sure that your personal information is accurate, complete and up to date and you may ask us to correct any personal information about you that you believe does not meet these standards.
  • Deletion of your information: You have the right to ask us to delete personal information about you where:
    • you consider that we no longer require the information for the purposes for which it was obtained or that we no longer need to retain it in accordance with our statutory obligations;
    • you have validly objected to our use of your personal information - see ‘Objecting to how we may use your information’ below;
    • our use of your personal information is contrary to law or our other legal obligations.
  • Objecting to how we may use your information: Where we use your personal information to perform tasks carried out in the public interest then, if you ask us to, we will stop using that personal information unless there are overriding legitimate grounds to continue.
  • Restricting how we may use your information: In some cases, you may ask us to restrict how we use your personal information.  This right might apply, for example, where we are checking the accuracy of personal information about you that we hold or assessing the validity of any objection you have made to our use of your information.  The right might also apply where there is no longer a basis for using your personal information but you do not want us to delete the data.  Where this right is validly exercised, we may only use the relevant personal information with your consent, for legal claims or where there are other public interest grounds to do so.
  • Withdrawing consent using your information: Where we use your personal information with your consent you may withdraw that consent at any time and we will stop using your personal information for the purpose(s) for which consent was given. Please contact us in any of the ways set out in the ‘Contact information and further advice’ section if you wish to exercise any of these rights.
  • Lodging a complaint: If you feel we have used your information incorrectly or without lawful basis, or you dispute our lawful basis, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO).

Further processing

If we wish to use your information for a new purpose, not covered by this Privacy Notice, then we will provide you with a new notice explaining the new use prior to starting the processing and setting out the relevant purposes and legal basis for processing. Where and whenever necessary, we will seek your prior consent to the new processing.

Our contact details

We can provide you with access to your personal data at any time. We ask that requests are made in writing to The Data Protection Officer, ChurchApp Ltd, Lancaster House, 10 Sherwood Rise, Nottingham, NG7 6JE, or by email to support@churchsuite.com.

If you have a data protection, security or privacy-related question or complaint, please contact ChurchSuite by email in the first instance, where we will do our best to assist you or resolve an issue.

Full disclosure

Information we may collect about you/your organisation

What we use this information for
 

Organisation name
 

Used to create an account for The Service for your named organisation.

Organisation website


 

Used by us to help verify the existence of your organisation when a trial account is opened for The Service. Your organisation’s domain name is also used to match support emails received from your organisation’s domain name to your account.

Account contact first and last name



 

Each organisation will designate a named individual who will serve as our point of contact for matters relating to The Service. The account contact will also be our initial billing contact and date protection contact; however, you can update any of these at any time from within the Administrator section of The Service.

Account contact email address



 

An email address is required in order to communicate with you about your account and account-related matters. Communications will also include information about ChurchSuite training events, periodic updates about new features and functionality, and to confirm changes requested to your account.

Account contact telephone number


 

Either a landline or mobile/cell number is required. We don’t usually communicate by telephone unless you have requested a call back, or if we need to contact you quickly about your account for any reason.

Referrer

So that we know how to thank for referring you to ChurchSuite.

Other information we may derive or obtain from third parties

 

Job title within your Organisation




 

This may be stated on your organisation’s website, in your email signature, or where you have made this known to us. It’s helpful to know if we are dealing with an organisation’s leader, an operational/office admin, a finance admin, an officer of the organisation (such as a trustee, director, elder or churchwarden), or someone with another role within your organisation.

Your organisation address, including postcode/zip code and country



 

This may be taken from your website, or you may add/update this information in the Administrator section of your account. This is primarily used to correctly configure your account with the appropriate time zone, currency, tax-deductible donation or gift aid functionality, date/time format settings, and local school grade/year structure for your country.

Organisation Twitter handle
 

As a customer, we’ll follow you on Twitter. You can follow us too if you wish @churchsuite

Organisation type

 

We produce internal reporting about the different types of organisations in our customer base (e.g. church, independent charity, other; and for churches, if appropriate, the denomination).

Organisation ‘known by’ names




 

Where your organisation is known by more than one name, or by an abbreviation of your organisation name, we’ll note these to help us better match email support requests to the correct customer account, and to make it easier for your church members to find their church when they log in to the member-facing side of The Service.

Charity information
 

Where applicable, we use your charity number to obtain basic information about your charity for internal reporting purposes.

Other information we maintain about your organisation

 

Billing information

 

We maintain a financial history audit trail of invoices raised and payments made for The Service, including payment method, and overdue and unpaid accounts.

Statistics about your account

 

We maintain a record of the modules on your account and statistical information about module usage. This is used to calculate your monthly billing and statistical reporting.

Third-party integrations
 

We maintain a record of the third party integrations that you’ve completed for your account.

If you sign up for a training event



 

When you sign-up for a training event, your sign-up details are used solely to communicate with you about the event, both before and in follow up to the event. Sign-up details are retained for financial accounting and audit purposes. We do not use your event sign-up details for any other marketing purpose.

Try ChurchSuite free for 30 days - just 60 seconds to sign up.

Free trial